Hi All Any more discussion and suggestions regarding this thread
can some one use two ldap hosts and successfully test the ldap fail over auth with apache ? My apache conf which i mentioned is ok or not ? Please suggest. On Fri, Jan 8, 2010 at 12:23 AM, Muzammel Asghar <muzammel.li...@gmail.com>wrote: > Hi Eric > > LDAP Client = apache try to linked with ldap2 if ldap1 fails i submited the > conf in which i use ldap auth for apache > > LDAPTrustedMode TLS > LDAPConnectionTimeout 4 > > <Directory "/var/www/html/test" > > > > AuthName "Testing Ldap fail over" > AuthType Basic > > # The LDAP server(s) > AuthLDAPURL "ldap://ldap1.mydomain.com > ldap2.mydomain.com/dc=mydomain,dc=com?uid??" > AuthBasicProvider ldap > AuthLDAPBindDN "uid=webcon,ou=WebAdmin,dc=mydomain,dc=com" > AuthLDAPBindPassword abxxyz > > AuthLDAPGroupAttribute memberUid > > Require ldap-group cn=WEBOU,dc=mydomain,dc=com > Order Allow,Deny > Options Indexes FollowSymLinks Multiviews > Allow from All > > </Directory> > > So my intention towards apache only, other ldap clients like ssh etc are > working fine with ldap fail over. > > 2) Regarding logs, both apahce error and access logs are not shown any > messaaes when try to connect with ldap2, browser page is still in processing > try to connect ldap2 if ldap1 is goes down. > > 3) Its not an ldap client issue, its bascially apache ldap client issue > which fails to connect with secondary ldap server when primary goest down, > by using above conf. > > So please suggest > > > On Fri, Jan 8, 2010 at 12:02 AM, Eric Covener <cove...@gmail.com> wrote: > >> On Thu, Jan 7, 2010 at 1:59 PM, Muzammel Asghar >> <muzammel.li...@gmail.com> wrote: >> >> > So please kindly give suggestions , what i need extra to make ldap fail >> over >> > effective. >> >> What LDAP client is Apache linked with, and how does an ldapsearch >> client behave linked to the same one? >> >> What's the LogLevel debug output during the failure to connect to the >> first host? >> >> Can you try generating extended debug output with the module here: >> http://people.apache.org/~covener/ldap/<http://people.apache.org/%7Ecovener/ldap/> >> >> -- >> Eric Covener >> cove...@gmail.com >> >> --------------------------------------------------------------------- >> The official User-To-User support forum of the Apache HTTP Server Project. >> See <URL:http://httpd.apache.org/userslist.html> for more info. >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >> " from the digest: users-digest-unsubscr...@httpd.apache.org >> For additional commands, e-mail: users-h...@httpd.apache.org >> >> >
